Class BaseRunAsSuperuserCommand

java.lang.Object
org.elasticsearch.cli.Command
All Implemented Interfaces:
Closeable, AutoCloseable

public abstract class BaseRunAsSuperuserCommand extends KeyStoreAwareCommand
A KeyStoreAwareCommand that can be extended fpr any CLI tool that needs to allow a local user with filesystem write access to perform actions on the node as a superuser. It leverages temporary file realm users with a `superuser` role.
  • Field Details

    • urlOption

      protected final joptsimple.OptionSpec<String> urlOption
  • Constructor Details

  • Method Details

    • execute

      public final void execute(org.elasticsearch.cli.Terminal terminal, joptsimple.OptionSet options, Environment env, org.elasticsearch.cli.ProcessInfo processInfo) throws Exception
      Specified by:
      execute in class KeyStoreAwareCommand
      Throws:
      Exception
    • executeCommand

      protected abstract void executeCommand(org.elasticsearch.cli.Terminal terminal, joptsimple.OptionSet options, Environment env, String username, SecureString password) throws Exception
      This is called after we have created a temporary superuser in the file realm and verified that its credentials work. The username and password of the generated user are passed as parameters. Overriding methods should not try to close the password.
      Throws:
      Exception
    • validate

      protected abstract void validate(org.elasticsearch.cli.Terminal terminal, joptsimple.OptionSet options, Environment env) throws Exception
      This method is called before we attempt to crete a temporary superuser in the file realm. Commands that implement BaseRunAsSuperuserCommand can do preflight checks such as parsing and validating options without the need to go through the process of attempting to create and remove the temporary user unnecessarily.
      Throws:
      Exception